adamyordan / offbyslash-django-dumperLinks
A proof of concept to dump Django website's source code affected by NGINX's off-by-slash alias directive misconfiguration.
☆24Updated 2 years ago
Alternatives and similar repositories for offbyslash-django-dumper
Users that are interested in offbyslash-django-dumper are comparing it to the libraries listed below
Sorting:
- This is a Burpsuite plugin built to enable you to import your directory bruteforcing results into burp for easy viewing later. This is an…☆36Updated 2 years ago
- This is the Go Server that relays all HTTP requests and responses between clients.☆27Updated last year
- This burpsuite extender provides a solution on testing Enterprise applications that involve security Authorization tokens into every HTTP…☆46Updated 6 years ago
- Collection of different exploitation scenarios of JWT.☆21Updated 3 years ago
- Kubernetes Scanner☆40Updated 3 years ago
- Credentials Checking Framework☆54Updated 2 years ago
- A Burp Suite content discovery plugin that add the smart into the Buster!☆31Updated 7 years ago
- BurpSuite's payload-generation extension aiming at applying fuzzed test-cases depending on the type of payload (integer, string, path; JS…☆41Updated 4 years ago
- Simple burp extension for routing traffic over tor. It instruments tor to switch to a new circuit after every N requests.☆19Updated 3 years ago
- A bash script that automates the scanning of a target network for HTTP resources through XXE☆38Updated 4 years ago
- Collection of scripts that aid in penetration testing of JSON Web Tokens☆58Updated 6 years ago
- Unauthenticated RCE at Woody Ad Snippets / CVE-2019-15858 (PoC)☆32Updated 2 years ago
- Burp extension that checks application requests and responses for indicators of vulnerability or targets for attack☆41Updated 2 years ago
- A multi-processed, multi-threaded scanner to discover web directories on multiple URLs.☆21Updated 5 years ago
- The Recon scanning tool scans websites for open files & directories specified in the custom config file. Default server configuration fil…☆15Updated 7 years ago
- RAS(RAndom Subdomain) Fuzzer☆42Updated 5 years ago
- ☆32Updated 6 years ago
- Common Wordlists☆54Updated 8 years ago
- Google Chrome Extension automates testing fundamental Web Problems via Chrome☆21Updated 4 years ago
- Script will enumerate domain name using horizontal enumeration, reverse lookup. Each horziontal domain will then be vertically enumerated…☆32Updated 5 years ago
- Simple python script to check against hypothetical JWT vulnerability.☆51Updated 4 years ago
- An Extended, Modulair, Host Discovery Framework☆43Updated 6 years ago
- A tool that turns the authoritative nameservers of DNS providers to resolvers and resolves the target domain list. Please think of this a…☆25Updated 5 years ago
- Slides of the talk on Injection attacks in apps with NoSQL Backends, given at null OWASP Bangalore monthly meet on 27th April 2019☆22Updated 6 years ago
- web-based-fuzzer☆32Updated 5 years ago
- Burp extension that performs a passive scan to identify cloud buckets and then test them for publicly accessible vulnerabilities☆46Updated 2 years ago
- Auto Recon Bash Script☆31Updated 6 months ago
- A better dns bruteforcer written in golang☆13Updated 6 years ago
- Bug Bounty Clipboard☆17Updated 5 years ago
- This tool will scan all the URL's in the file and will provide Content-Length, Status-Code, Server and more.☆36Updated 3 years ago